diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2019-09-13 23:41:07 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2019-09-13 23:41:07 +0200 |
commit | e4305a46b459f4cb47d40b26e137ecc0989b1526 (patch) | |
tree | 5d10f1e452e7f7a772dd0049c65a892be96c2edf /data | |
parent | 1257f50cffb0f8e01e9f72cc8724a59d56888f61 (diff) |
NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2010.list | 2 | ||||
-rw-r--r-- | data/CVE/2016.list | 36 | ||||
-rw-r--r-- | data/CVE/2017.list | 8 | ||||
-rw-r--r-- | data/CVE/2019.list | 26 |
4 files changed, 37 insertions, 35 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 5041588822..93fab11d2f 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -1,5 +1,5 @@ CVE-2010-5333 (The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x be ...) - TODO: check + NOT-FOR-US: Integard CVE-2010-5332 (In the Linux kernel before 2.6.37, an out of bounds array access happe ...) - linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename) NOTE: https://git.kernel.org/linus/0926f91083f34d047abc74f1ca4fa6a9c161f7db diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 91d7bb07ec..cb787e1ecc 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -35,41 +35,41 @@ CVE-2016-10957 CVE-2016-10956 RESERVED CVE-2016-10955 (The cysteme-finder plugin before 1.4 for WordPress has unrestricted fi ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10954 (The Neosense theme before 1.8 for WordPress has qquploader unrestricte ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10953 (The Headway theme before 3.8.9 for WordPress has XSS via the license k ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10952 (The quotes-collection plugin before 2.0.6 for WordPress has XSS via th ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10951 (The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection vi ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10950 (The sirv plugin before 1.3.2 for WordPress has SQL injection via the i ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10949 (The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL in ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10948 (The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect han ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10947 (The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10946 (The wp-d3 plugin before 2.4.1 for WordPress has CSRF. ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10945 (The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?pa ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10944 (The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10943 (The zx-csv-upload plugin 1 for WordPress has SQL injection via the id ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10942 (The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for W ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10941 (The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for W ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10940 (The zm-gallery plugin 1.0 for WordPress has SQL injection via the orde ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10939 (The xtremelocator plugin 1.5 for WordPress has SQL injection via the i ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10938 (The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2016-10937 (IMAPFilter through 2.6.12 does not validate the hostname in an SSL cer ...) - imapfilter <unfixed> (bug #939702) [buster] - imapfilter <no-dsa> (Minor issue) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 1d8ec31b84..05fdbc2718 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -37,13 +37,13 @@ CVE-2017-18617 CVE-2017-18616 RESERVED CVE-2017-18615 (The kama-clic-counter plugin before 3.5.0 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2017-18614 (The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2017-18613 (The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2017-18612 (The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/f ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2017-18611 (The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCC ...) NOT-FOR-US: magic-fields plugin for WordPress CVE-2017-18610 (The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCC ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index c39d4dae0d..68ca661423 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -5,7 +5,7 @@ CVE-2019-16295 CVE-2019-16294 RESERVED CVE-2019-16293 (The Create Discoveries feature of Open-AudIT before 3.2.0 allows an au ...) - TODO: check + NOT-FOR-US: Open-AudIT CVE-2019-16292 RESERVED CVE-2019-16291 @@ -13,9 +13,9 @@ CVE-2019-16291 CVE-2019-16290 RESERVED CVE-2019-16289 (The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPre ...) - TODO: check + NOT-FOR-US: Wordpress plugin CVE-2019-16288 (On Tenda N301 wireless routers, a long string in the wifiSSID paramete ...) - TODO: check + NOT-FOR-US: Tenda CVE-2019-16287 RESERVED CVE-2019-16286 @@ -98,7 +98,7 @@ CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 1.5 CVE-2019-16249 (OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core ...) TODO: check CVE-2019-16248 (The "delete for" feature in Telegram before 5.11 on Android does not d ...) - TODO: check + NOT-FOR-US: Telegram for Android CVE-2019-16247 (Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommL ...) NOT-FOR-US: Delta DCISoft CVE-2019-16246 @@ -2238,7 +2238,7 @@ CVE-2019-15304 (Lierda Grill Temperature Monitor V1.00_50006 has a default passw CVE-2019-15303 RESERVED CVE-2019-15302 (The pad management logic in XWiki labs CryptPad before 3.0.0 allows a ...) - TODO: check + NOT-FOR-US: CryptPad CVE-2019-15301 RESERVED CVE-2019-15300 @@ -5581,17 +5581,17 @@ CVE-2019-13925 CVE-2019-13924 RESERVED CVE-2019-13923 (A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gat ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-13922 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-13921 RESERVED CVE-2019-13920 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-13919 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-13918 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-13917 (Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution ...) {DSA-4488-1} - exim4 4.92-10 @@ -6417,7 +6417,7 @@ CVE-2019-13550 CVE-2019-13549 RESERVED CVE-2019-13548 (CODESYS V3 web server, all versions prior to 3.5.14.10, allows an atta ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2019-13547 RESERVED CVE-2019-13546 @@ -6449,7 +6449,7 @@ CVE-2019-13534 (Philips IntelliVue WLAN, portable patient monitors, WLAN Version CVE-2019-13533 RESERVED CVE-2019-13532 (CODESYS V3 web server, all versions prior to 3.5.14.10, allows an atta ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2019-13531 RESERVED CVE-2019-13530 (Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Fi ...) @@ -39192,6 +39192,7 @@ CVE-2019-0208 REJECTED CVE-2019-0207 RESERVED + NOT-FOR-US: Apache Tapestry CVE-2019-0206 REJECTED CVE-2019-0205 @@ -39234,6 +39235,7 @@ CVE-2019-0196 (A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. NOTE: https://svn.apache.org/r1852989 CVE-2019-0195 RESERVED + NOT-FOR-US: Apache Tapestry CVE-2019-0194 (Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 ...) NOT-FOR-US: Apache Camel CVE-2019-0193 (In Apache Solr, the DataImportHandler, an optional but popular module ...) |