From 57f51034c236192320c1a7dccb8dbb6793bd13cd Mon Sep 17 00:00:00 2001 From: security tracker role Date: Mon, 1 Jun 2020 20:10:24 +0000 Subject: automatic update --- data/CVE/2014.list | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) (limited to 'data/CVE/2014.list') diff --git a/data/CVE/2014.list b/data/CVE/2014.list index 0e49d906c4..2a8d0a6b48 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -2009,8 +2009,8 @@ CVE-2014-9704 RESERVED CVE-2014-9703 RESERVED -CVE-2014-9702 - RESERVED +CVE-2014-9702 (system/classes/DbPDO.php in Cmfive through 2015-03-15, when database c ...) + TODO: check CVE-2014-9700 RESERVED CVE-2014-9699 (The MakerBot Replicator 5G printer runs an Apache HTTP Server with dir ...) @@ -4476,24 +4476,24 @@ CVE-2014-8947 RESERVED CVE-2014-8946 RESERVED -CVE-2014-8945 - RESERVED -CVE-2014-8944 - RESERVED -CVE-2014-8943 - RESERVED -CVE-2014-8942 - RESERVED -CVE-2014-8941 - RESERVED -CVE-2014-8940 - RESERVED -CVE-2014-8939 - RESERVED -CVE-2014-8938 - RESERVED -CVE-2014-8937 - RESERVED +CVE-2014-8945 (admin.php?page=projects in Lexiglot through 2014-11-20 allows command ...) + TODO: check +CVE-2014-8944 (Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, o ...) + TODO: check +CVE-2014-8943 (Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=project ...) + TODO: check +CVE-2014-8942 (Lexiglot through 2014-11-20 allows CSRF. ...) + TODO: check +CVE-2014-8941 (Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page ...) + TODO: check +CVE-2014-8940 (Lexiglot through 2014-11-20 allows remote attackers to obtain sensitiv ...) + TODO: check +CVE-2014-8939 (Lexiglot through 2014-11-20 allows remote attackers to obtain sensitiv ...) + TODO: check +CVE-2014-8938 (Lexiglot through 2014-11-20 allows local users to obtain sensitive inf ...) + TODO: check +CVE-2014-8937 (Lexiglot through 2014-11-20 allows denial of service because api/updat ...) + TODO: check CVE-2014-8936 REJECTED CVE-2014-8935 @@ -8979,12 +8979,12 @@ CVE-2014-7177 (XML External Entity vulnerability in Enalean Tuleap 7.2 and earli NOT-FOR-US: Enalean Tuleap CVE-2014-7176 (SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows r ...) NOT-FOR-US: Enalean Tuleap -CVE-2014-7175 - RESERVED -CVE-2014-7174 - RESERVED -CVE-2014-7173 - RESERVED +CVE-2014-7175 (FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbit ...) + TODO: check +CVE-2014-7174 (FarLinX X25 Gateway through 2014-09-25 allows directory traversal via ...) + TODO: check +CVE-2014-7173 (FarLinX X25 Gateway through 2014-09-25 allows command injection via sh ...) + TODO: check CVE-2014-7172 RESERVED CVE-2014-7171 @@ -12847,7 +12847,7 @@ CVE-2014-5457 (QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC16 NOT-FOR-US: QNAP CVE-2014-5456 (Cross-site scripting (XSS) vulnerability in the Social Stats module be ...) NOT-FOR-US: Drupal Social Stats module -CVE-2014-5455 (Unquoted Windows search path vulnerability in the ptservice service in ...) +CVE-2014-5455 (Unquoted Windows search path vulnerability in the ptservice service pr ...) NOT-FOR-US: PrivateTunnel as bundled in OpenVPN CVE-2014-5454 (Unrestricted file upload vulnerability in the image upload module in S ...) NOT-FOR-US: SAS Visual Analytics -- cgit v1.2.3