Commits on Source (2)
......@@ -16491,7 +16491,7 @@ CVE-2017-17479 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered
NOTE: https://github.com/uclouvain/openjpeg/issues/1044
NOTE: Debian packaging does not build JPWL, has BUILD_JPWL:BOOL=OFF
CVE-2017-17478 (An XSS issue was discovered in Designer Studio in Pegasystems Pega ...)
TODO: check
NOT-FOR-US: Pegasystems Pega Platform
CVE-2017-17477
RESERVED
CVE-2017-17475 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a ...)
......@@ -21422,13 +21422,13 @@ CVE-2017-16772
CVE-2017-16771
RESERVED
CVE-2017-16770 (File and directory information exposure vulnerability in ...)
TODO: check
NOT-FOR-US: Synology Surveillance Station
CVE-2017-16769 (Exposure of private information vulnerability in Photo Viewer in ...)
TODO: check
NOT-FOR-US: Synology Photo Station
CVE-2017-16768 (Cross-site scripting (XSS) vulnerability in User Policy editor in ...)
NOT-FOR-US: Synology MailPlus Server
CVE-2017-16767 (Cross-site scripting (XSS) vulnerability in User Profile in Synology ...)
TODO: check
NOT-FOR-US: Synology Surveillance Station
CVE-2017-16766 (An improper access control vulnerability in synodsmnotify in Synology ...)
NOT-FOR-US: Synology DiskStation Manager
CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi. ...)
......@@ -66597,7 +66597,7 @@ CVE-2017-1776
CVE-2017-1775
RESERVED
CVE-2017-1774 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses ...)
TODO: check
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
CVE-2017-1773 (IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker ...)
NOT-FOR-US: IBM DataPower Gateways
CVE-2017-1772
......@@ -80333,9 +80333,9 @@ CVE-2016-6601 (Directory traversal vulnerability in the file download functional
CVE-2016-6600 (Directory traversal vulnerability in the file upload functionality in ...)
NOT-FOR-US: ZOHO WebNMS
CVE-2016-6599 (BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET ...)
TODO: check
NOT-FOR-US: BMC Track-It!
CVE-2016-6598 (BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET ...)
TODO: check
NOT-FOR-US: BMC Track-It!
CVE-2016-6597 (Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus ...)
NOT-FOR-US: Sophos EAS Proxy
NOTE: https://www.pallas.com/advisories/sophos_eas_open_reverse_proxy_vulnerability
......@@ -106787,7 +106787,7 @@ CVE-2015-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia Netw
CVE-2015-6928 (classes/admin.class.php in CubeCart 5.2.12 through 5.2.16 and 6.x ...)
NOT-FOR-US: CubeCart
CVE-2015-6926 (The OpenID Single Sign-On authentication functionality in OXID eShop ...)
TODO: check
NOT-FOR-US: OXID eShop
CVE-2015-6925 (wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to ...)
- wolfssl 3.9.10+dfsg-1 (bug #801120)
CVE-2015-6924
......@@ -107837,7 +107837,7 @@ CVE-2015-6571
CVE-2015-6570
RESERVED
CVE-2015-6569 (Race condition in the LoadBalancer module in the Atlassian Floodlight ...)
TODO: check
NOT-FOR-US: Atlassian
CVE-2015-6568 (Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code ...)
NOT-FOR-US: Wolf CMS
CVE-2015-6567 (Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code ...)
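Review bot: The new tag on CVE-2015-6569, "NOT-FOR-US: Atlassian", names only a vendor, while the description points at a specific component ("LoadBalancer module in the Atlassian Floodlight ..."). The neighbouring entries in this hunk tag the product itself ("NOT-FOR-US: Wolf CMS"). Please name the product as the full CVE description gives it, so the entry records which software was judged not to be in Debian rather than a whole vendor.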
......@@ -113673,7 +113673,7 @@ CVE-2015-4463 (The file_manager component in eFront CMS before 3.6.15.5 allows r
CVE-2015-4462 (Absolute path traversal vulnerability in the file_manager component of ...)
NOT-FOR-US: eFront CMS
CVE-2015-4461 (Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and ...)
TODO: check
NOT-FOR-US: eFront CMS
CVE-2015-4460 (Cross-site request forgery (CSRF) vulnerability in ...)
NOT-FOR-US: C2Box
CVE-2015-4459
......@@ -113851,7 +113851,7 @@ CVE-2015-4402
CVE-2015-4401
RESERVED
CVE-2015-4400 (Ring (formerly DoorBot) video doorbells allow remote attackers to ...)
TODO: check
NOT-FOR-US: Ring video doorbells
CVE-2015-4399
RESERVED
CVE-2015-4398 (Open redirect vulnerability in the Chaos tool suite (ctools) module ...)
......@@ -116024,9 +116024,9 @@ CVE-2015-3621 (Untrusted search path vulnerability in SAP Enterprise Central ...
CVE-2015-3620 (Cross-site scripting (XSS) vulnerability in the advanced dataset ...)
NOT-FOR-US: Fortinet FortiAnalyzer
CVE-2015-3619 (Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in ...)
TODO: check
NOT-FOR-US: Joomla addon
CVE-2015-3618 (Cross-site scripting (XSS) vulnerability in Nagios Business Process ...)
TODO: check
NOT-FOR-US: Nagios Business Process Intelligence
CVE-2015-3617 (Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow ...)
NOT-FOR-US: Fortinet
CVE-2015-3616 (SQL injection vulnerability in Fortinet FortiManager 5.0.x before ...)
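Review bot: "NOT-FOR-US: Joomla addon" on CVE-2015-3619 does not say which add-on was triaged. The description only gives a file path (assets/js/vm2admin.js) before it is cut off, and the other entries here name the product ("NOT-FOR-US: Nagios Business Process Intelligence", "NOT-FOR-US: Fortinet FortiAnalyzer"). Please replace the generic tag with the extension's name from the full CVE description, so a later search of the list for that extension finds this decision.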
......@@ -162438,9 +162438,9 @@ CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshar
CVE-2013-3554
RESERVED
CVE-2013-3553 (Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier ...)
TODO: check
NOT-FOR-US: Nitro Pro
CVE-2013-3552 (Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier ...)
TODO: check
NOT-FOR-US: Nitro Pro
CVE-2013-3551
RESERVED
{DSA-2696-1}
......@@ -164174,7 +164174,7 @@ CVE-2013-2832 (The Buffer::Set function in core/cross/buffer.cc in the O3D plug-
CVE-2013-2831
RESERVED
CVE-2013-2830 (Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 ...)
TODO: check
NOT-FOR-US: SumatraPDF Reader
CVE-2013-2829 (MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote ...)
NOT-FOR-US: MatrikonOPC SCADA DNP3 OPC Server
CVE-2013-2828 (The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for ...)