summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-12-01 21:34:34 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2021-12-01 21:34:34 +0100
commit603c42415dde16dc382bb85dcb07497ab23c2ee1 (patch)
treed0c674b173eca6e18575edabb608dfc3bf294ce9
parentc1f45896dbc19c96d9d17b573f54ce911bd4a047 (diff)
Associate some NFUs with the potential opennms source package
-rw-r--r--data/CVE/2008.list4
-rw-r--r--data/CVE/2014.list2
-rw-r--r--data/CVE/2015.list2
-rw-r--r--data/CVE/2020.list6
-rw-r--r--data/CVE/2021.list16
5 files changed, 15 insertions, 15 deletions
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index f6a7b9e8ab..f67c8689f7 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -2630,7 +2630,7 @@ CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog b
CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS ...)
NOT-FOR-US: Juniper NetScreen ScreenOS
CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in surveillanceView.htm in Op ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technol ...)
NOT-FOR-US: Celoxis Technologies Celoxis
CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, when magic ...)
@@ -6890,7 +6890,7 @@ CVE-2008-4322 (Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin
CVE-2008-4321 (Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FT ...)
NOT-FOR-US: FlashGet FTP
CVE-2008-4320 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2008-4319 (fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 ...)
NOT-FOR-US: Libra File Manager
CVE-2008-4318 (Observer 0.3.2.1 and earlier allows remote attackers to execute arbitr ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index ab8fd028d0..31f1ef6539 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -16519,7 +16519,7 @@ CVE-2014-3962 (Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow r
CVE-2014-3961 (SQL injection vulnerability in the Export CSV page in the Participants ...)
NOT-FOR-US: WordPress plugin Participants Database
CVE-2014-3960 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2014-3980 (libfep 0.0.5 before 0.1.0 does not properly use UNIX domain sockets in ...)
- libfep <itp> (bug #658575)
CVE-2014-3959 (Cross-site scripting (XSS) vulnerability in list.jsp in the Configurat ...)
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 787b5a0494..13bcb8bbf5 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -5271,7 +5271,7 @@ CVE-2015-7858 (SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows re
CVE-2015-7857 (SQL injection vulnerability in the getListQuery function in administra ...)
NOT-FOR-US: Joomla!
CVE-2015-7856 (OpenNMS has a default password of rtc for the rtc account, which makes ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2015-7855 (The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3 ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 1099f35edd..9dfb61a30c 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -42571,7 +42571,7 @@ CVE-2020-12761 (modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer over
[jessie] - imlib2 <not-affected> (Vulnerable code introduced later)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63
CVE-2020-12760 (An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2020-12759 (Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook ...)
- zulip-server <itp> (bug #800052)
CVE-2020-12758 (HashiCorp Consul and Consul Enterprise could crash when configured wit ...)
@@ -44877,7 +44877,7 @@ CVE-2020-11888 (python-markdown2 through 2.3.8 allows XSS because element names
CVE-2020-11887 (svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an ...)
NOT-FOR-US: svg2png
CVE-2020-11886 (OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList. ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2020-11885 (WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability wher ...)
NOT-FOR-US: WSO2 Enterprise Integrator
CVE-2020-11884 (In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code exec ...)
@@ -69114,7 +69114,7 @@ CVE-2020-1654 (On Juniper Networks SRX Series with ICAP (Internet Content Adapta
CVE-2020-1653 (On Juniper Networks Junos OS devices, a stream of TCP packets sent to ...)
NOT-FOR-US: Juniper
CVE-2020-1652 (OpenNMS is accessible via port 9443 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2020-1651 (On Juniper Networks MX series, receipt of a stream of specific Layer 2 ...)
NOT-FOR-US: Juniper
CVE-2020-1650 (On Juniper Networks Junos MX Series with service card configured, rece ...)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 40c7c11d58..7e59f1c280 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -42584,7 +42584,7 @@ CVE-2021-3398
CVE-2021-3397
RESERVED
CVE-2021-3396 (OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-26676 (gdhcp in ConnMan before 1.39 could be used by network-adjacent attacke ...)
{DSA-4847-1 DLA-2552-1}
- connman 1.36-2.1
@@ -44439,19 +44439,19 @@ CVE-2021-25937
CVE-2021-25936
RESERVED
CVE-2021-25935 (In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25934 (In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25933 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25932 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25931 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25930 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25929 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- NOT-FOR-US: OpenNMS
+ - opennms <itp> (bug #450615)
CVE-2021-25928 (Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through ...)
NOT-FOR-US: Node safe-obj
CVE-2021-25927 (Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 throug ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy