diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2020-02-11 20:10:22 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2020-02-11 20:10:22 +0000 |
| commit | 309bd12ff0a5de9faf94be75cf7a4ed573a55771 (patch) | |
| tree | 8a97e0be4b03074d169c8b98d6d8855ff13ccaec /data/CVE/2014.list | |
| parent | c7191eeec48d58a434428d3686aa83c0ce007a33 (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2014.list')
| -rw-r--r-- | data/CVE/2014.list | 37 |
1 files changed, 16 insertions, 21 deletions
diff --git a/data/CVE/2014.list b/data/CVE/2014.list index 4353ec75e4..fabcdf60cb 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -1790,8 +1790,8 @@ CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attacke - libsndfile 1.0.25-10 (bug #804447) [jessie] - libsndfile 1.0.25-9.1+deb8u1 NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6 -CVE-2014-9753 - RESERVED +CVE-2014-9753 (confirm.php in ATutor 2.2 and earlier allows remote attackers to bypas ...) + TODO: check CVE-2014-9752 (Unrestricted file upload vulnerability in mods/_core/properties/lib/co ...) NOT-FOR-US: ATutor CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...) @@ -1810,8 +1810,7 @@ CVE-2014-9749 (Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4066 NOTE: http://bazaar.launchpad.net/~squid/squid/3.4/revision/13211 (Squid 3.4) NOTE: http://bazaar.launchpad.net/~squid/squid/3.5/revision/13735 (Squid 3.5) -CVE-2014-9748 - RESERVED +CVE-2014-9748 (The uv_rwlock_t fallback implementation for Windows XP and Server 2003 ...) - libuv 1.7.4-1 (unimportant) - nodejs 4.0.0~dfsg-1 (unimportant) NOTE: Only affects Windows @@ -5966,8 +5965,8 @@ CVE-2014-8349 (Cross-site scripting (XSS) vulnerability in Liferay Portal Enterp NOT-FOR-US: Liferay Portal CVE-2014-8348 RESERVED -CVE-2014-8347 - RESERVED +CVE-2014-8347 (An Authentication Bypass vulnerability exists in the MatchPasswordData ...) + TODO: check CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not validat ...) NOT-FOR-US: Samsung mobile devices CVE-2014-8345 @@ -7095,7 +7094,7 @@ CVE-2014-7972 CVE-2014-7971 RESERVED CVE-2014-7969 - RESERVED + REJECTED CVE-2014-7966 RESERVED CVE-2014-7965 @@ -10673,8 +10672,8 @@ CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, NOT-FOR-US: Juniper Junos OS CVE-2014-6448 (Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before ...) NOT-FOR-US: Juniper -CVE-2014-6447 - RESERVED +CVE-2014-6447 (Multiple vulnerabilities exist in Juniper Junos J-Web error handling t ...) + TODO: check CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPre ...) NOT-FOR-US: WordPress plugin Infusionsoft Gravity Forms CVE-2014-6445 (Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmi ...) @@ -16867,10 +16866,10 @@ CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterpris - centreon-web <itp> (bug #913903) CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon ...) - centreon-web <itp> (bug #913903) -CVE-2014-3827 - RESERVED -CVE-2014-3826 - RESERVED +CVE-2014-3827 (Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka M ...) + TODO: check +CVE-2014-3826 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows ...) + TODO: check CVE-2014-3825 (The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1 ...) NOT-FOR-US: Juniper Junos CVE-2014-3824 (Cross-site scripting (XSS) vulnerability in the web server in the Juni ...) @@ -21734,8 +21733,7 @@ CVE-2014-2053 (getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 a NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/ - wordpress 3.9.2+dfsg-1 (bug #757312) NOTE: https://core.trac.wordpress.org/changeset/29390 -CVE-2014-2052 - RESERVED +CVE-2014-2052 (Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x bef ...) - owncloud 6.0.2+dfsg-1 NOTE: owncloud advisory does not mention details for ZendFramework NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/ @@ -26251,14 +26249,12 @@ CVE-2014-0150 (Integer overflow in the virtio_net_handle_mac function in hw/net/ - qemu-kvm <removed> CVE-2014-0149 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss W ...) NOT-FOR-US: JBoss Seam -CVE-2014-0148 - RESERVED +CVE-2014-0148 (Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to ...) - qemu 2.0.0+dfsg-1 (bug #742730) [squeeze] - qemu <not-affected> (vhdx support introduced in 1.5) [wheezy] - qemu <not-affected> (vhdx support introduced in 1.5) - qemu-kvm <not-affected> (vhdx support introduced in 1.5) -CVE-2014-0147 - RESERVED +CVE-2014-0147 (Qemu before 1.6.2 block diver for the various disk image formats used ...) {DSA-3045-1 DSA-3044-1} - qemu 2.0.0+dfsg-1 (bug #742730) - qemu-kvm <removed> @@ -26277,8 +26273,7 @@ CVE-2014-0145 (Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0 - qemu-kvm <removed> [squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts) [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts) -CVE-2014-0144 - RESERVED +CVE-2014-0144 (QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various ...) {DSA-3045-1 DSA-3044-1} - qemu 2.0.0+dfsg-1 (bug #742730) - qemu-kvm <removed> |