author | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-10 22:07:31 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-10 22:07:31 +0100 |
commit | 5631e4b2578cf363b44eb7485228c493299ed31e | |
tree | 41624f9c5abffa0ee73390198e46215d31d5fbef /data/CVE | |
parent | e9ef1ecf05262e533f82c00aa00dfac38ac0a66f | |
Process several NFUs
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2011.list | 2 |
-rw-r--r-- | data/CVE/2012.list | 8 |
-rw-r--r-- | data/CVE/2013.list | 2 |
-rw-r--r-- | data/CVE/2014.list | 10 |
-rw-r--r-- | data/CVE/2019.list | 10 |
5 files changed, 16 insertions, 16 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 9e9602906c..a21da5a94d 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -696,7 +696,7 @@ CVE-2011-5022 (SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allo CVE-2011-5021 (PHPIDS before 0.7 does not properly implement Regular Expression Denia ...) - php-ids <itp> (bug #488848) CVE-2011-5020 (An SQL Injection vulnerability exists in the ID parameter in Online TV ...) - TODO: check + NOT-FOR-US: Online TV Database CVE-2011-5019 (Cross-site scripting (XSS) vulnerability in setup/index.php in Textpat ...) - textpattern <unfixed> (low) [squeeze] - textpattern <no-dsa> (Vulnerability is in setup.php, which becomes inaccessible after installation) diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 5b35744459..2e8c9ff61d 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -6660,7 +6660,7 @@ CVE-2012-4032 (Open redirect vulnerability in the login page in WebsitePanel bef CVE-2012-4031 (Multiple directory traversal vulnerabilities in src/acloglogin.php in ...) NOT-FOR-US: Wangkongbao not in Debian CVE-2012-4030 (Chamilo before 1.8.8.6 does not adequately handle user supplied input ...) - TODO: check + NOT-FOR-US: Chamilo LMS CVE-2012-4029 RESERVED CVE-2012-4028 (Tridium Niagara AX Framework does not properly store credential data, ...) 
@@ -7220,11 +7220,11 @@ CVE-2012-3825 (Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1 NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125 NOTE: leftover of CVE-2012-2392 CVE-2012-3824 (In Arial Campaign Enterprise before 11.0.551, multiple pages are acces ...) - TODO: check + NOT-FOR-US: Arial Campaign Enterprise CVE-2012-3823 (Arial Campaign Enterprise before 11.0.551 stores passwords in clear te ...) - TODO: check + NOT-FOR-US: Arial Campaign Enterprise CVE-2012-3822 (Arial Campaign Enterprise before 11.0.551 has unauthorized access to t ...) - TODO: check + NOT-FOR-US: Arial Campaign Enterprise CVE-2012-3821 RESERVED CVE-2012-3820 (Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Soft ...) diff --git a/data/CVE/2013.list b/data/CVE/2013.list index b09ca22396..1966f4d430 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -376,7 +376,7 @@ CVE-2013-7382 (VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, CVE-2013-7381 RESERVED CVE-2013-7380 (The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injectio ...) - TODO: check + NOT-FOR-US: Etherpad Lite ep_imageconvert Plugin CVE-2013-7379 (The admin API in the tomato module before 0.0.6 for Node.js does not p ...) NOT-FOR-US: tomato module for Node.js CVE-2013-7378 diff --git a/data/CVE/2014.list b/data/CVE/2014.list index 8c737ee2ad..03daeeca8d 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -13811,9 +13811,9 @@ CVE-2014-5095 CVE-2014-5094 (Status2k allows remote attackers to obtain configuration information v ...) NOT-FOR-US: Status2k CVE-2014-5093 (Status2k does not remove the install directory allowing credential res ...) - TODO: check + NOT-FOR-US: Status2k CVE-2014-5092 (Status2k allows Remote Command Execution in admin/options/editpl.php. ...) - TODO: check + NOT-FOR-US: Status2k CVE-2014-5091 RESERVED CVE-2014-5090 (admin/options/logs.php in Status2k allows remote authenticated adminis ...) 
@@ -14085,11 +14085,11 @@ CVE-2014-4986 (Multiple cross-site scripting (XSS) vulnerabilities in js/functio CVE-2014-4985 RESERVED CVE-2014-4984 (Déjà Vu Crescendo Sales CRM has remote SQL Injection ...) - TODO: check + NOT-FOR-US: Deja Vu Crescendo Sales CRM CVE-2014-4983 RESERVED CVE-2014-4982 (LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection ...) - TODO: check + NOT-FOR-US: LPAR2RRD CVE-2014-4981 RESERVED CVE-2014-4980 (The /server/properties resource in Tenable Web UI before 2.3.5 for Nes ...) @@ -15178,7 +15178,7 @@ CVE-2014-4532 (Cross-site scripting (XSS) vulnerability in templates/printAdminU CVE-2014-4531 (Cross-site scripting (XSS) vulnerability in main_page.php in the Game ...) NOT-FOR-US: WordPress plugin Game tabs CVE-2014-4530 (flog plugin 0.1 for WordPress has XSS ...) - TODO: check + NOT-FOR-US: flog plugin for WordPress CVE-2014-4529 (Cross-site scripting (XSS) vulnerability in fpg_preview.php in the Fla ...) NOT-FOR-US: WordPress plugin Flash Photo Gallery CVE-2014-4528 (Multiple cross-site scripting (XSS) vulnerabilities in admin/swarm-set ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 22e37b3f6a..fd4620147f 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -5412,7 +5412,7 @@ CVE-2019-18198 (In the Linux kernel before 5.3.4, a reference count usage error CVE-2019-18195 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal u ...) NOT-FOR-US: TerraMaster FS-210 devices CVE-2019-18194 (TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escal ...) - TODO: check + NOT-FOR-US: TotalAV CVE-2019-18193 RESERVED CVE-2019-18192 (GNU Guix 1.0.1 allows local users to gain access to an arbitrary user' ...) 
@@ -14938,17 +14938,17 @@ CVE-2019-14308 (Several Ricoh printers have multiple buffer overflows parsing LP CVE-2019-14307 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...) NOT-FOR-US: Ricoh CVE-2019-14306 (Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of ...) - TODO: check + NOT-FOR-US: Ricoh SP C250DN 1.06 devices CVE-2019-14305 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...) NOT-FOR-US: Ricoh CVE-2019-14304 (Ricoh SP C250DN 1.06 devices allow CSRF. ...) - TODO: check + NOT-FOR-US: Ricoh SP C250DN 1.06 devices CVE-2019-14303 RESERVED CVE-2019-14302 (On Ricoh SP C250DN 1.06 devices, a debug port can be used. ...) - TODO: check + NOT-FOR-US: Ricoh SP C250DN 1.06 devices CVE-2019-14301 (Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of ...) - TODO: check + NOT-FOR-US: Ricoh SP C250DN 1.06 devices CVE-2019-14300 (Several Ricoh printers have multiple buffer overflows parsing HTTP coo ...) NOT-FOR-US: Ricoh CVE-2019-14299 |
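Review bot: In data/CVE/2014.list, hunk @@ -14085, the new tag for CVE-2014-4984 spells the product "Deja Vu Crescendo Sales CRM" while the description on the line above it reads "Déjà Vu Crescendo Sales CRM". The file already carries non-ASCII text (the "≤" in the CVE-2014-4982 description in the same hunk), so the tag can keep the description's spelling; as written, a search of the NOT-FOR-US tags for the accented name will miss this entry.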
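Review bot: In data/CVE/2014.list, hunk @@ -15178, the new tag for CVE-2014-4530 reads "flog plugin for WordPress", but both neighbours in the same hunk use the form "WordPress plugin <name>" (CVE-2014-4531 "WordPress plugin Game tabs", CVE-2014-4529 "WordPress plugin Flash Photo Gallery"). Suggest "NOT-FOR-US: WordPress plugin flog" so the WordPress plugin entries stay searchable under one prefix.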
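Review bot: In data/CVE/2019.list, hunk @@ -14938, the four new tags (CVE-2019-14306, CVE-2019-14304, CVE-2019-14302, CVE-2019-14301) use "Ricoh SP C250DN 1.06 devices", while the interleaved entries CVE-2019-14307, CVE-2019-14305 and CVE-2019-14300 are tagged plain "NOT-FOR-US: Ricoh". That leaves one vendor with two spellings inside a single hunk and puts a version string into the product tag. Suggest "NOT-FOR-US: Ricoh" for all four, or at least dropping "1.06 devices", so the Ricoh entries group together when the tags are searched.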