diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2019-04-11 18:09:51 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2019-04-11 18:09:51 +0200 |
commit | ec30189f75a264572e8ee416fdd926b5cdabac3e (patch) | |
tree | 89e0f3b7a2f8a075d8fb1ae61aa253ef85ca8aea /data/CVE | |
parent | 936e3a30f3708b5fdb08b6c39a99a309c86f04c4 (diff) |
historic glibc issues
NFUs
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2005.list | 2 | ||||
-rw-r--r-- | data/CVE/2006.list | 2 | ||||
-rw-r--r-- | data/CVE/2018.list | 8 | ||||
-rw-r--r-- | data/CVE/2019.list | 16 |
4 files changed, 14 insertions, 14 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list index c1a3f99ea6..98f4525b28 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -1,5 +1,5 @@ CVE-2005-3590 (The getgrouplist function in the GNU C library (glibc) before version ...) - TODO: check + - glibc 2.3.5-3 CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for context-de ...) NOT-FOR-US: Generic protocol issue CVE-2005-4899 diff --git a/data/CVE/2006.list b/data/CVE/2006.list index a55e9762d8..eaf7fbaf9d 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -1,5 +1,5 @@ CVE-2006-7254 (The nscd daemon in the GNU C Library (glibc) before version 2.5 does n ...) - TODO: check + - glibc 2.5-1 CVE-2006-7253 (GE Healthcare Infinia II has a default password of (1) infinia for the ...) NOT-FOR-US: GE Healthcare Infinia II CVE-2006-7252 (Integer overflow in the calloc function in libc/stdlib/malloc.c in jem ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 74179f8533..84f72fd477 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -3717,14 +3717,14 @@ CVE-2018-19591 (In the GNU C Library (aka glibc or libc6) through 2.28, attempti CVE-2018-19590 RESERVED CVE-2018-19589 (Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provid ...) - TODO: check + NOT-FOR-US: Utimaco CryptoServer HSM CVE-2018-19588 RESERVED CVE-2018-19587 (In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_a ...) NOT-FOR-US: Cesanta Mongoose NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1 CVE-2018-19586 (Silverpeas 5.15 through 6.0.2 is affected by an authenticated Director ...) - TODO: check + NOT-FOR-US: Silverpeas CVE-2018-19585 RESERVED - gitlab 11.3.11+dfsg-1 @@ -4130,7 +4130,7 @@ CVE-2018-19518 (University of Washington IMAP Toolkit 2007f on UNIX, as used in CVE-2018-19454 RESERVED CVE-2018-19453 (Kentico CMS before 11.0.45 allows unrestricted upload of a file with a ...) - TODO: check + NOT-FOR-US: Kentico CMS CVE-2018-19452 RESERVED CVE-2018-19451 @@ -5260,7 +5260,7 @@ CVE-2018-19008 (The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 CVE-2018-19007 (In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the D ...) NOT-FOR-US: Geutebrueck cameras CVE-2018-19006 (OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The ...) - TODO: check + NOT-FOR-US: OSIsoft PI Vision CVE-2018-19005 (Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation ...) NOT-FOR-US: Cscape CVE-2018-19004 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds rea ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 4e158fafba..318484ada5 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -35,9 +35,9 @@ CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism b CVE-2019-11067 RESERVED CVE-2019-1003050 (The f:validateButton form control for the Jenkins UI did not properly ...) - TODO: check + NOT-FOR-US: Jenkins CVE-2019-1003049 (Users who cached their CLI authentication before Jenkins was updated t ...) - TODO: check + NOT-FOR-US: Jenkins CVE-2019-11066 RESERVED CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ...) @@ -3947,7 +3947,7 @@ CVE-2019-9696 (Symantec VIP Enterprise Gateway (all versions) may be susceptible CVE-2019-9695 (Norton Core prior to v278 may be susceptible to an arbitrary code exec ...) NOT-FOR-US: Norton Core CVE-2019-9694 (Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptibl ...) - TODO: check + NOT-FOR-US: Symantec CVE-2019-9693 (In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can ac ...) NOT-FOR-US: CMS Made Simple CVE-2019-9692 (class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 doe ...) @@ -11361,7 +11361,7 @@ CVE-2019-6558 CVE-2019-6557 (Several buffer overflow vulnerabilities have been identified in Moxa I ...) NOT-FOR-US: Moxa CVE-2019-6556 (When processing project files, the application (Omron CX-Programmer v9 ...) - TODO: check + NOT-FOR-US: Omron CVE-2019-6555 (Cscape, 9.80 SP4 and prior. An improper input validation vulnerability ...) NOT-FOR-US: Cscape CVE-2019-6554 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper acces ...) @@ -12302,11 +12302,11 @@ CVE-2019-6158 CVE-2019-6157 RESERVED CVE-2019-6156 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2019-6155 RESERVED CVE-2019-6154 (A DLL search path vulnerability was reported in Lenovo Bootable Genera ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2019-6153 RESERVED CVE-2019-6152 @@ -16933,7 +16933,7 @@ CVE-2019-3945 CVE-2019-3944 RESERVED CVE-2019-3943 (MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 ...) - TODO: check + NOT-FOR-US: MikroTik CVE-2019-3942 RESERVED CVE-2019-3941 (Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to ...) @@ -17789,7 +17789,7 @@ CVE-2019-3614 CVE-2019-3613 RESERVED CVE-2019-3612 (Information Disclosure vulnerability in McAfee DXL Platform and TIE Se ...) - TODO: check + NOT-FOR-US: McAFee CVE-2019-3611 RESERVED CVE-2019-3610 (Data Leakage Attacks vulnerability in Microsoft Windows client in McAf ...) |