Commits on Source (2)
Process NFUs · a65ea674
Salvatore Bonaccorso authored Aug 13, 2018
Add CVE-2018-3780/nextcloud, itp'ed, #835086 · 2605a56d
Salvatore Bonaccorso authored Aug 13, 2018
data/CVE/list
...
...
@@ -331,19 +331,19 @@ CVE-2018-15147
CVE-2018-15146
RESERVED
CVE-2018-15145 (Multiple SQL injection vulnerabilities in ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15144 (SQL injection vulnerability in ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15143 (Multiple SQL injection vulnerabilities in ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15142 (Directory traversal in portal/import_template.php in versions of ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15141 (Directory traversal in portal/import_template.php in versions of ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15140 (Directory traversal in portal/import_template.php in versions of ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15139 (Unrestricted file upload in interface/super/manage_site_files.php in ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2018-15138
RESERVED
CVE-2018-15137 (CeLa Link CLR-M20 devices allow unauthorized users to upload any file ...)
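Review bot: for CVE-2018-15145, CVE-2018-15144 and CVE-2018-15143 the description kept in the list stops at "vulnerabilities in ..." / "vulnerability in ...", before any product name, so the OpenEMR attribution cannot be confirmed from this file, and "Process NFUs" does not say where it came from. Suggest naming the source used for the triage (the full CVE description or the upstream advisory) in the commit message, so the seven NOT-FOR-US: OpenEMR entries can be rechecked later without redoing the lookup.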
...
...
@@ -4537,7 +4537,7 @@ CVE-2018-13394
CVE-2018-13393
RESERVED
CVE-2018-13392 (Several resources in Atlassian Fisheye and Crucible before version ...)
TODO: check
NOT-FOR-US: Atlassian
CVE-2018-13391
RESERVED
CVE-2018-13390 (Unauthenticated access to cloudtoken daemon on Linux via network from ...)
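Review bot: the NOT-FOR-US: Atlassian line for CVE-2018-13392 names only the vendor, while the description names Fisheye and Crucible and the other entries in this change name the product (for example NOT-FOR-US: IBM UrbanCode Deploy, NOT-FOR-US: Hikvision IP Cameras). Suggest NOT-FOR-US: Atlassian Fisheye and Crucible, so that a later search of the list for the product name finds this entry.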
...
...
@@ -6542,7 +6542,7 @@ CVE-2018-12589 (Polaris Office 2017 8.1 allows attackers to execute arbitrary co
CVE-2018-12588 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Public Knowledge Project (PKP) Open Monograph Press (OMP)
CVE-2018-12587 (A cross-site scripting (XSS) vulnerability was found in valeuraddons ...)
TODO: check
NOT-FOR-US: valeuraddons German Spelling Dictionary
CVE-2018-12586
RESERVED
CVE-2018-12585
...
...
@@ -11950,7 +11950,7 @@ CVE-2018-10571 (Multiple reflected cross-site scripting (XSS) vulnerabilities in
CVE-2018-10570 (Frog CMS 0.9.5 has XSS in /install/index.php via the ...)
NOT-FOR-US: Frog CMS
CVE-2018-10569 (An issue was discovered in Edimax EW-7438RPn Mini v2 before version ...)
TODO: check
NOT-FOR-US: Edimax EW-7438RPn Mini v2
CVE-2018-10568 (XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7. ...)
NOT-FOR-US: Flexense DiskSorter Enterprise
CVE-2018-10567 (XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. ...)
...
...
@@ -23383,7 +23383,7 @@ CVE-2018-6416
CVE-2018-6415
RESERVED
CVE-2018-6414 (A buffer overflow vulnerability in the web server of some Hikvision IP ...)
TODO: check
NOT-FOR-US: Hikvision IP Cameras
CVE-2018-6413 (There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of ...)
NOT-FOR-US: Hikvision Camera DS-2CD9111-S
CVE-2018-6412 (In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c ...)
...
...
@@ -25256,9 +25256,9 @@ CVE-2018-5927
CVE-2018-5926
RESERVED
CVE-2018-5925 (A security vulnerability has been identified with certain HP Inkjet ...)
TODO: check
NOT-FOR-US: HP Inkjet printers
CVE-2018-5924 (A security vulnerability has been identified with certain HP Inkjet ...)
TODO: check
NOT-FOR-US: HP Inkjet printers
CVE-2018-5923
RESERVED
CVE-2018-5922
...
...
@@ -30938,7 +30938,7 @@ CVE-2018-3782
CVE-2018-3781 (A missing sanitization of search results for an autocomplete field in ...)
TODO: check
CVE-2018-3780 (A missing sanitization of search results for an autocomplete field in ...)
TODO: check
- nextcloud <itp> (bug #835086)
CVE-2018-3779 (active-support ruby gem 5.2.0 could allow a remote attacker to execute ...)
NOT-FOR-US: Trojaned gem release
CVE-2018-3778 (Improper authorization in aedes version <0.35.0 will publish a LWT in ...)
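Review bot: CVE-2018-3781, directly above the changed entry, shows the same truncated description ("A missing sanitization of search results for an autocomplete field in ...") but stays at TODO: check. If it affects the same source, it should get the same "- nextcloud <itp> (bug #835086)" line in this commit. If it is a different product, triage it separately, so the leftover TODO next to an identical description is not read as an oversight.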
...
...
@@ -88545,7 +88545,7 @@ CVE-2017-1751 (IBM Robotic Process Automation with Automation Anywhere 10.0.0 is
CVE-2017-1750 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM Jazz Reporting Service
CVE-2017-1749 (IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker ...)
TODO: check
NOT-FOR-US: IBM UrbanCode Deploy
CVE-2017-1748 (IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to ...)
NOT-FOR-US: IBM
CVE-2017-1747 (A specially crafted message could cause a denial of service in IBM ...)
...
...
@@ -89471,7 +89471,7 @@ CVE-2017-1288
CVE-2017-1287 (IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct ...)
NOT-FOR-US: IBM
CVE-2017-1286 (Sensitive information about the configuration of the IBM UrbanCode ...)
TODO: check
NOT-FOR-US: IBM UrbanCode Deploy
CVE-2017-1285 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user ...)
NOT-FOR-US: IBM
CVE-2017-1284 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability ...)
...
...
@@ -113833,7 +113833,7 @@ CVE-2016-2924 (IBM Infosphere BigInsights is vulnerable to cross-site scripting,
CVE-2016-2923 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty ...)
NOT-FOR-US: IBM
CVE-2016-2922 (IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 ...)
TODO: check
NOT-FOR-US: IBM Rational ClearQuest
CVE-2016-2921
RESERVED
CVE-2016-2920